CISCO : Cisco Web Security Appliance JAR Advanced Malware Protection DoS Vulnerability (cisco-sa-20161026-esawsa3)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 146377 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.140022

Kategorie: CISCO

Titel: Cisco Web Security Appliance JAR Advanced Malware Protection DoS Vulnerability (cisco-sa-20161026-esawsa3)

Zusammenfassung: A vulnerability in Advanced Malware Protection (AMP) for Cisco Email Security Appliances (ESA) and; Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to cause a partial; denial of service (DoS) condition due to the AMP process unexpectedly restarting.;; The vulnerability is due to improper validation of a Java Archive (JAR) file scanned when AMP is; configured. An attacker could exploit this vulnerability by crafting a JAR file, and attaching; this JAR file to an email that is then sent through the affected device. An exploit could allow; the attacker to cause the Cisco ESA and WSA AMP process to unexpectedly restart due to the; malformed JAR file.;; Cisco has released software updates that address this vulnerability. Workarounds that address this; vulnerability are not available.

Beschreibung: Summary:
A vulnerability in Advanced Malware Protection (AMP) for Cisco Email Security Appliances (ESA) and
Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to cause a partial
denial of service (DoS) condition due to the AMP process unexpectedly restarting.

The vulnerability is due to improper validation of a Java Archive (JAR) file scanned when AMP is
configured. An attacker could exploit this vulnerability by crafting a JAR file, and attaching
this JAR file to an email that is then sent through the affected device. An exploit could allow
the attacker to cause the Cisco ESA and WSA AMP process to unexpectedly restart due to the
malformed JAR file.

Cisco has released software updates that address this vulnerability. Workarounds that address this
vulnerability are not available.

Solution:
See the referenced vendor advisory for a solution.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2016-6360
BugTraq ID: 93910
http://www.securityfocus.com/bid/93910
http://www.securitytracker.com/id/1037120
http://www.securitytracker.com/id/1037121

Copyright Copyright (C) 2016 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.140022
Kategorie:	CISCO
Titel:	Cisco Web Security Appliance JAR Advanced Malware Protection DoS Vulnerability (cisco-sa-20161026-esawsa3)
Zusammenfassung:	A vulnerability in Advanced Malware Protection (AMP) for Cisco Email Security Appliances (ESA) and; Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to cause a partial; denial of service (DoS) condition due to the AMP process unexpectedly restarting.;; The vulnerability is due to improper validation of a Java Archive (JAR) file scanned when AMP is; configured. An attacker could exploit this vulnerability by crafting a JAR file, and attaching; this JAR file to an email that is then sent through the affected device. An exploit could allow; the attacker to cause the Cisco ESA and WSA AMP process to unexpectedly restart due to the; malformed JAR file.;; Cisco has released software updates that address this vulnerability. Workarounds that address this; vulnerability are not available.
Beschreibung:	Summary: A vulnerability in Advanced Malware Protection (AMP) for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition due to the AMP process unexpectedly restarting. The vulnerability is due to improper validation of a Java Archive (JAR) file scanned when AMP is configured. An attacker could exploit this vulnerability by crafting a JAR file, and attaching this JAR file to an email that is then sent through the affected device. An exploit could allow the attacker to cause the Cisco ESA and WSA AMP process to unexpectedly restart due to the malformed JAR file. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. Solution: See the referenced vendor advisory for a solution. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6360 BugTraq ID: 93910 http://www.securityfocus.com/bid/93910 http://www.securitytracker.com/id/1037120 http://www.securitytracker.com/id/1037121
Copyright	Copyright (C) 2016 Greenbone AG